﻿<%
'打开访问权限，用于访问控制
hu_access = True
%><!--#include file="h.asp"--><%
'
'	七色虎建站系统
'	会员登录页面
'	2011.11.2

Sub main
	Dim a,url,body_,code_,userid,userIP
	Dim name,pass,rs,sql
	a=getData("a")
	url=getData("_u")'返回地址
	hu.title = "会员登录"
	body_ = ""
	If a="" Then
		code_=getCheckCode
		body_ = body_ & "[div=nav]会员登录-<a href="""&http_path&"bbs_reg.asp?_u="&url&""">注册</a>[/div]"
		Dim formarray(5)
		formarray(0) = http_path&"bbs_login.asp?a=1||post||提交||用户名或ID号：<br/>"
		formarray(1) = "input||name$$$$20$$16||<br/>密码：<br/>"
		formarray(2) = "input||pass$$$$20$$16||<br/>安全性："
		formarray(3) = "select||safe$$0||0$$正常||1$$高级||<br/>验证码："&code_&"<br/>"
		formarray(4) = "input||num1$$$$20||<br/>"
		formarray(5) = "hidden||num2$$"&numEncode(code_)&"||_u$$"&url&"||sid$$guest_"&wapStyle&"||"
		body_ = body_ & hu.getForm(formarray) & "<br/><a href="""&http_path&"bbs_reg.asp?_u="&url&""">会员注册</a> "&_
			"<a href="""&http_path&"bbs_forget.asp"">忘记密码</a><br/><br/>温馨提示：安全性选高级，登录后会使原来的书签失效<br/>"
	Else
		If getData("num1")<>numDecode(getData("num2")) Then rupt "错误", "验证码错误！"
		name=getD("name","")
		pass=getD("pass","")
		safe=getN("safe",0)
		If name="" or pass="" Then rupt "错误", "用户名和密码不能为空！"
		sql = "select top 1 id,sid,logip,logtime from 74hu_user where name='"&name&"' and password='"&pass&"'"
		If IsNumeric(name) Then sql = "select top 1 id,sid,logip,logtime from 74hu_user where id="&name&" and password='"&pass&"'"
		Set rs=hu.conn(sql)
		If Not rs.eof Then
			sql = ""
			If safe=1 Then
				sid=getOnlySid()
				' rs("sid")=sid
				sql = ",sid='"&sid&"' "
			Else
				sid=rs("sid")
				If Trim(sid)="" Then'后台添加用户sid为空
					sid=getOnlySid()
					sql = ",sid='"&sid&"' "
				End If
			End If
			userid=rs("id")
			userIP=user_array(7)
			hu.conn("update 74hu_user set logip='"&user_ip&"',logtime='"&time_now&"'"&sql&" where id="&userid)
			hu.conn("update 74hu_iprr set userid="&userid&" where hu_userip='"&userIP&"'")
			if wapStyle="" then wapStyle = 1
			hu.Sid = sid & "_" & wapStyle
			url = getBackUrl(url)
			hu.AutoRedirect = noubburl(url) & "&amp;" & bbsSid & "=" & hu.Sid
			body_ = body_ & "登录成功！正在跳转到来页...<br/>"&hu.url("bbs_user.asp","会员中心")&" "&hu.url(url,"返回来页")&"<br/>"
			Call setVisitUser(userid)
		Else
			body_ = body_ & "用户名或密码错误！"
		End If
		rs.close
		Set rs=Nothing
	End If
	hu.body = comUbb(body_)
End Sub

%>